83825d26e9
Generated JWT secret is too small for HMAC SHA256 ( #582 )
...
The key that is automatically generated weaken the security strength.
As noted in RFC7518 section 3.2 [0]:
```
A key of the same size as the hash output (for instance, 256 bits for
"HS256") or larger MUST be used with this algorithm. (This
requirement is based on Section 5.3.4 (Security Effect of the HMAC
Key) of NIST SP 800-117 [NIST.800-107], which states that the
effective security strength is the minimum of the security strength
of the key and two times the size of the internal hash value.)
```
Some JWT libraries are rejecting by default keys that are too small in
a attempt to prevent misusages so generating a key that does not respect
the minimal length can be problematic for OO integrations.
[0] https://www.rfc-editor.org/rfc/rfc7518.html#section-3.2
2023-02-07 11:02:40 +05:00
19debc5181
Merge branch 'develop' into hotfix/v7.2.2
2022-12-27 18:31:52 +03:00
edb6e9b044
Merge branch 'hotfix/v7.2.2' into feature/release-merge
2022-12-20 13:24:55 +03:00
6c0c7085c9
Feature/Add supervisor services ( #517 )
...
* Add supervisor services
* Add installation of the DOCKER_INSTALLATION variable
2022-10-31 17:19:10 +03:00
cdc73fe379
Fix Bug 59481 - Fix errors when starting the container ( #530 )
...
* Update the rabbitmq version
* Fix incorrect replacement of worker_connections
* Limiting the maximum number of simultaneous connections due to possible memory shortage
2022-10-31 16:34:42 +03:00
d98eb758b5
Fix Bug 59483 - Fix port parsing from amqp_uri ( #529 )
...
* Fix port parsing from amqp_uri
* Correct regex for port parsing
2022-10-28 16:33:41 +03:00
b9bfa7b90c
fix Bug 58778 - Correct the display of container ID for 22.04 ( #494 )
2022-09-13 11:08:04 +03:00
e44acbebf7
Fix KylinOS start error ( #471 )
...
* Fix KylinOS start error
* Small changes
* Small changes
2022-08-31 12:13:30 +03:00
34180710cf
Fix command to get container id ( #483 )
2022-08-22 20:56:45 +03:00
8887cb7a26
Enable JWT by default and add a JWT status message ( #482 )
...
* Enable JWT by default and add a JWT status message
* Correct JWT message
* Add a condition for displaying a JWT message
* Minor correction
* Minor correction
2022-08-22 20:27:10 +03:00
06a05223b5
Fix bug #58032 / Fix moves certificates alarm messages ( #461 )
...
* Add some checks before replace certificates
* Change if check key
* Refactoring code
* Refactoring code
* Add checking exist files
* Refactor: refactoring code
* Remove check files conditions
2022-07-19 15:51:46 +03:00
143e77fdfc
Fix Big #57286 / Add redis password config settings ( #466 )
...
* Add redis password settings
* Add variable description
* Change variable descriptions
* Change variable descriptions
* Change variable descriptions
2022-07-18 17:11:06 +03:00
c16635ea71
Fix supervisor socket messages ( #459 )
2022-07-12 12:37:48 +03:00
c7a1fd04a4
fix Bug 50138 / Fix SSL key access error ( #455 )
...
* Fix SSL key access error
* Change name of directory
2022-07-05 14:56:42 +03:00
9494e08e8f
Fix for redis correct work ( #449 )
...
* Fix for redis correct work
* Refactoring code
* Refactoring code
* Refactoring code
* Refactor: refactoring code
2022-06-15 10:30:18 +03:00
01606746c1
Fix Bug 53170 / Add the ability to set secure_link_secret ( #444 )
...
* Add securelink generation
* Add ability to configure securelink_secret
* Add a description of SECURE_LINK_SECRET
* Update README.md
2022-06-07 16:16:05 +03:00
80acbe974d
Fix bug #53046 : sed error starting container on Arch ( #433 )
2022-04-29 14:55:25 +03:00
4fb0a1e712
Improve SSL certificate detection ( #431 )
2022-04-25 17:25:19 +03:00
39d2e303f1
Fix disabling JWT
2022-04-12 19:00:46 +03:00
21f5019e1c
Initialliaze services.CoAuthoring.redis before attempting to set a child to a value ( #404 )
...
Co-authored-by: papacarlo <builder@onlyoffice.com >
2022-02-09 10:37:52 +03:00
a31a579d24
Add WOPI_ENABLED variable ( #379 )
...
* Add WOPI_ENABLED variable
* Add var description
2021-09-14 17:53:37 +03:00
5bf1ff715f
Remove server version of spell checker ( #365 )
2021-06-22 09:59:50 +03:00
f2c708cff2
Reset database tables on update ( #351 )
...
* Reset database tables on update
* Add changes
* Add changes
* Add changes
* Add changes
* Add changes
* Add changes
2021-04-14 17:10:38 +03:00
1cfe84b8b8
Fix automatic port detection for database ( #341 )
2021-03-19 16:20:52 +03:00
eddbbbf3eb
Fix unsupported rabbitmq ver. Use 20.04 as base. ( #307 )
...
* Fix unsupported rabbitmq ver. Use 20.04 as base.
* Extend timeout for test (#311 )
* test01
* Timeout
* Small changes
* Change timeout to 90
Co-authored-by: Roman Demidov <roman.demidov@onlyoffice.com >
2020-11-20 10:53:36 +03:00
326a005ac7
Fix empty lets encrypt params error ( #310 )
2020-11-18 10:46:19 +03:00
9e63609c14
Fix custom db name bug ( #304 )
...
Co-authored-by: papacarlo <builder@onlyoffice.com >
2020-10-27 13:50:48 +03:00
bdef500858
Allow let's encrypte sertificates ( #300 )
...
* Allow let's encrypte sertificates
Co-authored-by: papacarlo <builder@onlyoffice.com >
Co-authored-by: Roman <demidov.roman@onlyoffice.com >
2020-10-22 13:47:51 +03:00
211ae50980
Fix #281 : Add option to disable CPU-heavy tasks on startup ( #293 )
...
* Fix #281 : Add option to disable CPU-heavy tasks on startup
* Update README.md
Co-authored-by: Sandro <sandro.jaeckel@gmail.com >
* Update README.md
Co-authored-by: Roman <demidov.roman@onlyoffice.com >
Co-authored-by: Sandro <sandro.jaeckel@gmail.com >
2020-10-20 16:14:55 +03:00
85158c3624
Merge branch release/v6.0.0 into develop
2020-09-30 15:15:35 +00:00
1956f98c1d
Fixes exit procedure. ( #286 )
2020-09-10 17:02:20 +03:00
dd5cde1919
Fix unary operator expected (Bug 45985)
2020-07-31 18:09:51 +03:00
c47a310683
Fix unary operator expected (Bug 45985) ( #270 )
2020-07-30 11:54:46 +03:00
0d974b9f2a
Merge branch hotfix/v5.6.0 into release/v6.0.0
2020-07-28 13:48:40 +00:00
7bfe250035
Add Graphite ( #265 )
2020-07-23 15:42:17 +03:00
62424ea120
Disable redis server for Community Edition ( #255 )
...
* Disable redis server
* Add REDIS_ENABLED variable
* Fix Dockerfile
* Fix REDIS_ENABLED condition
2020-06-04 15:15:34 +03:00
f6b5017b4a
Rename cert & key files ( #245 )
...
* New cert files default names
* Add certs travis test
* Add certificate generation
* Fix certs test
* Fix cert gen
* Fix directory mapping
* Fix https healthcheck
* Add test for old cert path
* Fix script & test
* Fix port number
* Code refactoring
* Fix old cert test
* Code refactoring
* Fix certs test names
* Remove unnecessary test
2020-04-29 19:48:33 +03:00
a51dc61276
Fix db folder mapping for custom build
2020-04-01 12:11:57 +03:00
cc4b0f3b14
Merge branch 'hotfix/v5.5.1' into create_postgresql_tbl-grep-fix
2020-03-05 14:16:49 +03:00
438a41a933
Fix #44534
2020-02-25 13:54:23 +03:00
43010e1bd2
fix for create_postgresql_tbl grep so it stops throwing a failure
2020-02-22 19:15:48 -05:00
33d04dc4f4
Remove nodejs dependency
2020-02-21 14:58:20 +03:00
586d1078e6
Create folder for pkg example
2020-02-12 13:42:04 +03:00
9eff99f618
Remake fix #96
2019-12-26 13:14:51 +03:00
df8e19ed90
Update postgersql version
2019-12-26 13:14:51 +03:00
3ff96e8b49
Fix 'JWT_IN_BODY' param parsing
2019-12-25 17:25:57 +03:00
08bb07e2d0
Rename AMQP variables ( #205 )
2019-12-23 18:45:37 +03:00
ee8fa827e3
Add external volumes for rabbitmq and redis ( #203 )
2019-12-20 13:15:59 +03:00
2b982778f3
fix issue #96 ; 'Download failed' after upgrade to onlyoffice ( #191 )
...
* fix issue #96 ; 'Download failed' after upgrade to onlyoffice - unable to verify the first certificate
* New variable name REJECT_UNAUTHORIZED_STORAGE
Shell variable rnamed to REJECT_UNAUTHORIZED_STORAGE.
2019-12-05 19:18:36 +03:00
f4c0bd13b2
Merge branch 'develop' into hotfix/v5.4.2
2019-11-29 15:16:41 +03:00
